Thanks for replying.<= /span>

You said,

"Ciphers = and modes are the job of the kernel, not dm-crypt."

I a= m trying to understand if pro= prietary software can be used with dm-crypt.

I read it is i= n GPL mode. Which version? GPL v2, v3, LGPL...?

For example, there is some in-house propriet= ary developed code for AES-XTS.

If I understood your re= ply correctly, then dm-crypt will call these functions loaded into the kern= el and there will not be any problem as the GPL code (dm-crypt) will not be l= inked with the proprietary code.

Is that so?

From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Sent: Monday, September 3, 2012 8:29 PM=
Subject: Re: [dm-crypt] (no subjec= t)

=0AOn Mon, Sep 03, 2012 at 06:20:35PM -0700, Anil= wrote:
> Newbie here. I need to use dm-crypt with aes-xts. How is dm= -crypt called?

Refer to the man-page and the FAQ.

> Is i= t possible to encrypt data while being saved on the fly?

That is its= job. It is not possible to do it in any other way.

> Will there = be file filters to encrypt/decrypt while saving
> and opening the fi= le?

No.

> Is aes-xts provided elsewhere as a plugin? or is= it part of dmcrypt?

Ciphers and modes are the job of the kernel, no= t dm-crypt.
It just uses them.

Arno
--
Arno Wagner, = Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name
= GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797= F 6B50 1E25 338F
----
One of the painful things about our time is tha= t those who feel certainty
are stupid, and those with any imagination and understanding are fille= d
with doubt and indecision. -- Bertrand Russell
__________________= _____________________________
dm-crypt mailing list
dm-crypt@saout.de<= /a>
http://www.saout.de/mailman/listinfo/dm-crypt

Suppose I have a libr= ary of various crypto algorithms. It is proprietary.

I buil= d it as a module and want the user to run dm-crypt specifying my module to = be run.

For example,

crypt FooCryptoLibrary= -aes-xts

I read that if your module is not GPL, then on= e cannot access core functions.

Will there be a problem her= e?

From: Arno Wagner <arno@wagner.name>
To: dm-crypt@saout.de
Sent: Wednesday, September 5, 2012 7= :41 AM
Subject: Re: [d= m-crypt] newbie qs on dm-crypt

=0AOn Tue, Sep 04, 20= 12 at 02:14:09PM -0700, Anil wrote:
> Thanks for replying.
> Yo= u said,
> "Ciphers and modes are the job of the kernel, not dm-crypt.= "

>
> I am trying to understand if?proprietary software ca= n be used with
> dm-crypt.
>

That depends.

> I= read it is in GPL mode. Which version? GPL v2, v3, LGPL...?
>
>= ; For example, there is some in-house proprietary developed code for
>= ; AES-XTS.
>
> If I understood your reply correctly, then dm-c= rypt will call these
> functions loaded into the kernel and there wil= l not be any problem as the
> GPL code (dm-crypt) will not be linked = with the proprietary code. Is that
> so??

No. Kernels ar= e different. If you do not distribute, it does not
matter anyways. If yo= u distribute, and want your stuff to stay
closed, you should probably t= alk to an IP lawyer.

I have to say though that there is pobably no point, as AES-XTS is
open and the kernel imple= mentation is probably better than yours
anyways.

Arno

>
>
>
> ________________________________
&g= t; From: Arno Wagner <arno@wagner.name>
> To: dm-crypt@s= aout.de
> Sent: Monday, September 3, 2012 8:29 PM
> Subjec= t: Re: [dm-crypt] (no subject)
>
> On Mon, Sep 03, 2012 = at 06:20:35PM -0700, Anil wrote:
> > Newbie here. I need to use dm= -crypt with aes-xts. How is dm-crypt called?
>
> Refer to the= man-page and the FAQ.
>
> > Is it possible to encrypt dat= a while being saved on the fly?
>
> That is its job. It is not= possible to do it in any other way.
>
> > Will there be fi= le filters to encrypt/decrypt while saving
> > and opening the file= ?
>
> No.
>
> > Is aes-xts provided elsewhere = as a plugin? or is it part of dmcrypt?
>
> Ciphers and modes a= re the job of the kernel, not dm-crypt.
> It just uses them.
>=
> Arno
> --
> Arno Wagner,? ? Dr. sc. techn., Dipl. In= form.,? Email: arno@wagner.name
> GnuPG:? ID: 1E25338F? FP: 0= C30 5782 9D93 F785 E79C? 0296 797F 6B50 1E25 338F
> ----
> One = of the painful things about our time is that those who feel certainty
&= gt; are stupid, and those with any imagination and understanding are filled=
> with doubt and indecision. -- Bertrand Russell
> _________= ______________________________________
> dm-crypt mailing list
>= ; dm-crypt@saout.de
> http://www= .saout.de/mailman/listinfo/dm-crypt

> ___________________________= ____________________
> dm-crypt mailing list
> dm-crypt@saout.de=
> http://www.saout.de/mailman/listinfo/dm-crypt

= --
Arno Wagner, Dr. sc. techn., Dipl. Inform., Emai= l: = arno@wagner.name
GnuPG: ID: 1E25338F FP: 0C30 5782 9D93= F785 E79C 0296 797F 6B50 1E25 338F
----
One of the painful thi= ngs about our time is that those who feel certainty
are stupid, and tho= se with any imagination and understanding are filled
with doubt and ind= ecision. -- Bertrand Russell
_______________________________________________
dm-crypt mailing li= st
dm-crypt@saout.de
http://www.saout.de/mailman/listinfo/dm-cryp= t

--1124294693-118509081-1347380237=:80031-- From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sTQIHsMaK_qT for ; Tue, 11 Sep 2012 20:31:49 +0200 (CEST) Received: from v4.tansi.org (ns.km33513-03.keymachine.de [87.118.94.3]) by mail.saout.de (Postfix) with ESMTP for ; Tue, 11 Sep 2012 20:31:48 +0200 (CEST) Received: from gatewagner.dyndns.org (84-72-142-78.dclient.hispeed.ch [84.72.142.78]) by v4.tansi.org (Postfix) with ESMTPA id 740771404001 for ; Tue, 11 Sep 2012 20:31:48 +0200 (CEST) Date: Tue, 11 Sep 2012 20:31:48 +0200 From: Arno Wagner Message-ID: <20120911183148.GA9317@tansi.org> References: <1346721635.29083.YahooMailNeo@web161504.mail.bf1.yahoo.com> <20120904012914.GA22939@tansi.org> <1346793249.9716.YahooMailNeo@web161501.mail.bf1.yahoo.com> <20120905124109.GA11942@tansi.org> <1347380237.80031.YahooMailNeo@web160804.mail.bf1.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1347380237.80031.YahooMailNeo@web160804.mail.bf1.yahoo.com> Subject: Re: [dm-crypt] newbie qs on dm-crypt List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de Simple: You need to get it into the kernel. dm-crypt does not supply the run-time encryption, it just does the kernel cm-crypt module setup, i.e. it establishes the "mapping". After that, all encryption is done by the kernel. If your stuff is non-GPL, then I suspect you will need to maintain your own kernel patch-set. Basically that will be a waste of time, and has zero engineering or security justification. It can be necessary for political reasons, I can see that. But expect it to be a huge pain and effort for zero technological advantage and you cannot distribute it legally. Note on GPL: As long as you do not distribute this kernel, or the patch-set, you can do whathever you like. As soon as you distribute, even only to specific customers or as part of a "blackbox" product, you are screwed and need to GPL the module. There is no freew lunch here. If you want your own non-GPL crypto in a Linux-like kernel, then you need to re-implement that Linux-like kernel yourself, possibly spending a few billions on it. You may want to look at the xBDSs. They have more permissive licenses. Arno On Tue, Sep 11, 2012 at 09:17:17AM -0700, Anil wrote: > Suppose I have a library of various crypto algorithms. It is proprietary. > I build it as a module and want the user to run dm-crypt specifying my module to be run. > For example, > crypt FooCryptoLibrary-aes-xts > I read that if your module is not GPL, then one cannot access core functions. > Will there be a problem here? > > > ________________________________ > From: Arno Wagner > To: dm-crypt@saout.de > Sent: Wednesday, September 5, 2012 7:41 AM > Subject: Re: [dm-crypt] newbie qs on dm-crypt > > On Tue, Sep 04, 2012 at 02:14:09PM -0700, Anil wrote: > > Thanks for replying. > > You said, > > "Ciphers and modes are the job of the kernel, not dm-crypt." > > > > > I am trying to understand if?proprietary software can be used with > > dm-crypt. > > > > That depends. > > > I read it is in GPL mode. Which version? GPL v2, v3, LGPL...? > > > > For example, there is some in-house proprietary developed code for > > AES-XTS. > > > > If I understood your reply correctly, then dm-crypt will call these > > functions loaded into the kernel and there will not be any problem as the > > GPL code (dm-crypt) will not be linked with the proprietary code.? Is that > > so?? > > No. Kernels are different. If you do not distribute, it does not > matter anyways. If you distribute, and want your stuff to stay > closed, you should probably talk to an IP lawyer. > > I have to say though that there is pobably no point, as AES-XTS is > open and the kernel implementation is probably better than yours > anyways. > > Arno > > > > > > > > > > > ________________________________ > >? From: Arno Wagner > > To: dm-crypt@saout.de > > Sent: Monday, September 3, 2012 8:29 PM > > Subject: Re: [dm-crypt] (no subject) > >? > > On Mon, Sep 03, 2012 at 06:20:35PM -0700, Anil wrote: > > > Newbie here. I need to use dm-crypt with aes-xts. How is dm-crypt called? > > > > Refer to the man-page and the FAQ. > > > > > Is it possible to encrypt data while being saved on the fly? > > > > That is its job. It is not possible to do it in any other way. > > > > > Will there be file filters to encrypt/decrypt while saving > > > and opening the file? > > > > No. > > > > > Is aes-xts provided elsewhere as a plugin? or is it part of dmcrypt? > > > > Ciphers and modes are the job of the kernel, not dm-crypt. > > It just uses them. > > > > Arno > > -- > > Arno Wagner,? ? Dr. sc. techn., Dipl. Inform.,?? Email: arno@wagner.name > > GnuPG:? ID: 1E25338F? FP: 0C30 5782 9D93 F785 E79C? 0296 797F 6B50 1E25 338F > > ---- > > One of the painful things about our time is that those who feel certainty > > are stupid, and those with any imagination and understanding are filled > > with doubt and indecision. -- Bertrand Russell > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@saout.de > > http://www.saout.de/mailman/listinfo/dm-crypt > > > _______________________________________________ > > dm-crypt mailing list > > dm-crypt@saout.de > > http://www.saout.de/mailman/listinfo/dm-crypt > > > -- > Arno Wagner,? ? Dr. sc. techn., Dipl. Inform.,? Email: arno@wagner.name > GnuPG:? ID: 1E25338F? FP: 0C30 5782 9D93 F785 E79C? 0296 797F 6B50 1E25 338F > ---- > One of the painful things about our time is that those who feel certainty > are stupid, and those with any imagination and understanding are filled > with doubt and indecision. -- Bertrand Russell > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt -- Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@wagner.name GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- One of the painful things about our time is that those who feel certainty are stupid, and those with any imagination and understanding are filled with doubt and indecision. -- Bertrand Russell From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U7LPViRBRzlL for ; Tue, 11 Sep 2012 21:05:46 +0200 (CEST) Received: from mail-ee0-f50.google.com (mail-ee0-f50.google.com [74.125.83.50]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Tue, 11 Sep 2012 21:05:46 +0200 (CEST) Received: by eekc50 with SMTP id c50so746923eek.37 for ; Tue, 11 Sep 2012 12:05:46 -0700 (PDT) Message-ID: <504F8BA1.6080605@gmail.com> Date: Tue, 11 Sep 2012 21:06:09 +0200 From: =?ISO-8859-1?Q?Javier_Juan_Mart=EDnez_Cabez=F3n?= MIME-Version: 1.0 References: <1346721635.29083.YahooMailNeo@web161504.mail.bf1.yahoo.com> <20120904012914.GA22939@tansi.org> <1346793249.9716.YahooMailNeo@web161501.mail.bf1.yahoo.com> <20120905124109.GA11942@tansi.org> <1347380237.80031.YahooMailNeo@web160804.mail.bf1.yahoo.com> In-Reply-To: <1347380237.80031.YahooMailNeo@web160804.mail.bf1.yahoo.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] newbie qs on dm-crypt List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On 11/09/12 18:17, Anil wrote: > Suppose I have a library of various crypto algorithms. It is proprietary. > I build it as a module and want the user to run dm-crypt specifying my module to be run. > For example, > crypt FooCryptoLibrary-aes-xts > I read that if your module is not GPL, then one cannot access core functions. > Will there be a problem here? > > > ________________________________ > From: Arno Wagner > To: dm-crypt@saout.de > Sent: Wednesday, September 5, 2012 7:41 AM > Subject: Re: [dm-crypt] newbie qs on dm-crypt > > On Tue, Sep 04, 2012 at 02:14:09PM -0700, Anil wrote: >> Thanks for replying. >> You said, >> "Ciphers and modes are the job of the kernel, not dm-crypt." > >> >> I am trying to understand if?proprietary software can be used with >> dm-crypt. >> > > That depends. > >> I read it is in GPL mode. Which version? GPL v2, v3, LGPL...? >> >> For example, there is some in-house proprietary developed code for >> AES-XTS. >> >> If I understood your reply correctly, then dm-crypt will call these >> functions loaded into the kernel and there will not be any problem as the >> GPL code (dm-crypt) will not be linked with the proprietary code. Is that >> so?? > > No. Kernels are different. If you do not distribute, it does not > matter anyways. If you distribute, and want your stuff to stay > closed, you should probably talk to an IP lawyer. > > I have to say though that there is pobably no point, as AES-XTS is > open and the kernel implementation is probably better than yours > anyways. > > Arno > > > >> >> >> >> ________________________________ >> From: Arno Wagner >> To: dm-crypt@saout.de >> Sent: Monday, September 3, 2012 8:29 PM >> Subject: Re: [dm-crypt] (no subject) >> >> On Mon, Sep 03, 2012 at 06:20:35PM -0700, Anil wrote: >>> Newbie here. I need to use dm-crypt with aes-xts. How is dm-crypt called? >> >> Refer to the man-page and the FAQ. >> >>> Is it possible to encrypt data while being saved on the fly? >> >> That is its job. It is not possible to do it in any other way. >> >>> Will there be file filters to encrypt/decrypt while saving >>> and opening the file? >> >> No. >> >>> Is aes-xts provided elsewhere as a plugin? or is it part of dmcrypt? >> >> Ciphers and modes are the job of the kernel, not dm-crypt. >> It just uses them. >> >> Arno >> -- >> Arno Wagner,? ? Dr. sc. techn., Dipl. Inform.,? Email: arno@wagner.name >> GnuPG:? ID: 1E25338F? FP: 0C30 5782 9D93 F785 E79C? 0296 797F 6B50 1E25 338F >> ---- >> One of the painful things about our time is that those who feel certainty >> are stupid, and those with any imagination and understanding are filled >> with doubt and indecision. -- Bertrand Russell >> _______________________________________________ >> dm-crypt mailing list >> dm-crypt@saout.de >> http://www.saout.de/mailman/listinfo/dm-crypt > >> _______________________________________________ >> dm-crypt mailing list >> dm-crypt@saout.de >> http://www.saout.de/mailman/listinfo/dm-crypt > > > > > _______________________________________________ > dm-crypt mailing list > dm-crypt@saout.de > http://www.saout.de/mailman/listinfo/dm-crypt If your module is not gpl I think you will not be able to use with gpl-only-symbols unless you change this. However I think you shall do this question in the kernel mailing list (dm-crypt is a userland tool). I doubt if its legal that you modify a EXPORT_SYMBOL_GPL to a EXPORT_SYMBOL one, for me is something like change the licence. I'm not and expert is this question thought, but I think you shall ask this too there.